Process for Digital Signing of a Message
Description

The present invention relates to a process for the digital signing of a message and to a system
required for practising this process.

Digital signatures, i.e., electronic signatures, are usually made with the aid of so-called
public-key processes. In these processes, to the signer there is assigned a pair of keys which consist of a
secret key and a public key. A signature is generated by means of the secret key with a mathematical
algorithm, and this signature can be verified with the associated public key. The secret key can be
controlled only by the signer so that nobody is able to sign in the name of the signer. The public key,
by contrast, may be published so that anybody can verify the signature. The secret key is usually
protected through a PIN so that for making a signature, knowledge of the PIN and possession of the
secret key are required.

Digital signatures can be generated in a computer, e.g., in a PC, with the aid of software
programs. The associated secret key is usually stored on a hard disk or a diskette and downloaded
into the main memory for generating the signature. In most instances, the secret key proper is, in turn,
stored in encoded form and protected via a PIN which the owner has to input when signing via the
software. This is to ensure that only the owner of the secret key can use the same for signing. Since
no additional hardware is required, this process is advantageous in regard to costs. It turns out to be a
shortcoming that the user must rely on the signature software's integrity and that the same is not
deemed sufficiently safe.

Hardware-based processes are an alternative for generating digital signatures in a computer.
These processes for signing make use of special systems in which the display component and the
keyboard are coupled with the signature component by hardware in a way such that the connection
cannot be influenced. These systems are usually connected to the computer via a galvanic
connection, e.g., a cable to the serial interface. These systems have their own display component
which displays the message to be signed, and their own keyboard, the so-called PIN pad, through
which the PIN is inputted for making the key available. The secret key is usually not stored in the
signing unit but rather on a chipcard which can be introduced into the system. The signature proper
can be generated on the chipcard (in the case of chipcards with incorporated cryptoprocessor) or in
the system. The above-described hardware-based process forms a closed signing system consisting
of the display component, the keyboard, the reader, and the chip card.

Hardware-based processes are significantly safer than software-based processes but their
costs are higher. Accordingly, so-called hybrid processes are used at the present time. In these, the
secret keys are in most cases stored on a chipcard and made available via a reader instrument. The
other tasks, such as display, inputting of the PIN, and signature generation are fully or partially carried
out in the computer. It may be provided that the signature unit, i.e., the reader and the chipcard, is
used as a pure storage medium for the secret key, whereas the display, the inputting of the PIN, and
the generation of the signature are entirely carried out in the computer.

It can be provided as an alternative to effect the display and the inputting of the PIN through the
computer; in this case, the signing unit is used for signature generation, in addition to storing the
secret key. Finally, there exists a version in which only the display is effected in the computer. In this
version, the signing unit has its own keyboard or it is directly connected with the computer keyboard
under exclusion of the computer software. The signature is generated in the signing unit. This process
is the more cost-saving the fewer tasks must be carried out by the computer software and the lower
the performance requirements to the signing unit.

CA 02308386 2000-04-27

WO 96/32700 discloses a process in which a message generated in a mobile radio telephone is signed
digitally and passed on. EP 0 689 316 A2 discloses a process and a system for identifying and verifying data in
a communication network.

However, in all these embodiments there is the basic problem that there must be signed precisely the data
which the user wants to sign. It must be precluded that a virus affects the data, for example during the
transmission from the display component, e.g., from the display, to the signing component, e.g., the
cryptoprocessor. Furthermore, it must be ensured that a secret number (e.g., the PIN), which is required to
trigger signatures, cannot be read from the keyboard by other programs and does not become known to third
parties.

Furthermore, the large-scale utilisation of the option of digital signing is limited by the comparatively small
distribution of signing units. In fields of the potential application of digital signatures, e.g., in Internet banking,
therefore a costly infrastructure would have to be set up to spread the use of signing units. Also the installation
of signing units at the computer is problematic. On the one hand, the units must be physically connected to the
computer, yet all the serial interfaces of a PC are often already in use. Alternative processes for incorporating
signing units in computers are likewise problematic, since for this purpose software drivers and, sometimes,
even additional hardware are required. Apart from this, for all signing units there must be implemented special
software components which allow the application program to communicate with the signing unit.

A further problem of the conventional processes for digital signatures results from the fact that they are
location-dependent. Particular fields of application of digital signatures, e.g., Internet banking, are
location-independent in view of the everywhere accessible public Internet terminals. If these Internet banking
applications were combined with the known location-dependent processes for digital signing, independence of
the location would be lost in these applications.

A low cost, easy-to-build, and location-independent process for the digital signing of communications and
the provision of appropriate means are the technological problems underlying the present invention.

These technological problems are solved through the teachings according to the main claim. Thus, the
invention creates a process for digital signing of a message by means of a signing unit, which message is to be
transmitted to a receiver, with the message to be signed being transmitted from a transmitter to a receiver, this
message thereafter being transmitted from the receiver via a telephone network, particularly the mobile radio
telephone network, to a signing unit associated with the transmitter, this message then being signed in the
signing unit and retransmitted, as signed message, to the receiver. In a particularly preferred embodiment of the
invention, the signing unit is a mobile radio telephone and, accordingly, the mobile radio phone network is the
telephone network.

In the context of the present invention, digital signing of a message is understood as a procedure in which
the intent to deliver a message and its contents are confirmed electronically. This is effected by partial or full
encoding of the message to be signed or by encoding of a cryptographic check sum of this message into a
signed message by means of a secret key and by making use of an algorithm. In the context of the present
invention, a signed message is understood either as the message as a whole or as the signature proper.
Signing serves for being able to identify the user later on. In the context of the present invention, a signed
message is understood also as merely the electronically generated signature of the message. In the context of
the present invention, a message is understood as any kind of electronically reproducible information, for
example, numbers, characters, combinations of numbers, combinations of characters, graphs, tables, etc. In
the context of the present invention, a signing unit is understood as a unit which
can perform the signing of the message, i.e., which comprises a secret key, a mathematical encoding
procedure, facilities for dialog with the signer or user, optionally the required interfaces, and a
transmitting and receiving system. This unit can be composed of various elements, for example, of a
chipcard and a reader or a chipcard and a mobile radio telephone. In the context of the present
invention, signing means are understood as a component of the signing unit, including the secret key
and/or the encoding procedure and/or an interface with the two or one of the aforementioned
components.

Based on the - according to the invention particularly preferred - use of the radio telephone net
for transmitting messages to be signed to a signing unit, which, in an advantageous embodiment, is a
mobile radio telephone, it is possible to transmit messages to the signing unit from a commercial
computer having a connection to an appropriate message server, e.g., by e-mail, without need for
implementing or modifying anything at the computer.

In a particularly preferred embodiment, the invention envisages a process of the above-identified
type in which the message to be signed is transmitted, from a transmitter to be termed a
message source, e.g., a PC, to a receiver, e.g., a message server, in which this message is thereafter
transmitted from the receiver to a signing unit associated with the transmitter, particularly to a mobile
radio telephone, with this message thereafter signed in the mobile radio telephone and retransmitted
to the receiver as signature, i.e., as signed message.

Thus, the invention provides that an unsigned message or a message to be signed is
transmitted from a message source to a receiver, for example, to a message server. Then the receiver
associates the message to be signed with the signing unit, particularly with the mobile radio
telephone. This is effected either via documentation stored in the receiver or via information which,
together with the message to be signed, was transmitted from the transmitter to the receiver. The
association of the signing unit, advantageously of the mobile radio telephone, with the message
source therefore need not be a spacewise localised association but is an association purely through
information. The association involves the determination of the signing unit and, hence, of the user who
has to sign the received message to be signed. The mobile radio telephone which is used in the
preferred embodiment of the invention can advantageously display a message to be signed and,
when instructed by the user, can effect the signing with the aid of the advantageously employed
chipcard. The message signed in this way is transmitted to the receiver and there optionally compared
with the original message and identified as authentic. The signed message, which is optionally
identified as authentic, is then transferred to an addressee.

The invention also relates to an above-indicated process in which it is provided in
advantageous fashion to use a public-key process for signing, wherein the transmitter has an
associated secret key and the receiver has a corresponding public key associated with the secret key.
This procedure has the advantage of not necessitating the transmission of the keys.

In a further advantageous embodiment, the invention relates to an above-indicated process in
which the message to be signed, or the previously signed message, i.e., for example, the signature, is
transmitted between the receiver and the signing unit, particularly the mobile radio telephone, by
means of short-message service (SMS). In a particularly preferred embodiment, it can be provided
that both the transmission of the message to be signed from the receiver to the mobile radio
telephone and the transmission of the signed message or of the signature from the mobile radio
telephone to the receiver are carried out by SMS.

In a further embodiment, the invention provides that the message to be signed is displayed by
means of a display provided in the mobile radio telephone. This can be the display of conventional
mobile radio telephones. In this way, simple texts, such as, for example, banking transactions or even
simple graphs, can be readily displayed.

Following this optionally provided display, the user gives an appropriate instruction in a
corresponding dialog for triggering the signing operation. In a particularly preferred embodiment, the
invention provides a process of the above-indicated type in which the secret key required for signing is
stored in a chipcard of the mobile radio telephone and in which this key is activated by means of a
secret number (termed PIN in what follows) capable of being inputted from the key pad of the mobile
radio telephone. By corresponding appropriate programming of the mobile radio telephone it can be
ensured in advantageous fashion that the inputted PIN is transmitted only to the chipcard and cannot
be recognised from the outside.

In a further alternative embodiment of the aforementioned process according to the invention, it 
is provided to input the secret key required for signing via the key pad of the mobile radio telephone. 

It is provided in a further preferred embodiment of the invention that in one of the
aforementioned processes, the secret key is stored not only on the chipcard of the mobile radio
telephone but that there also the signing of the message is effected. In this way it is ensured in
advantageous fashion that the secret key does in no event leave the chipcard and therefore cannot be
used by unauthorised persons.

It is provided in a further preferred embodiment of the invention that the mobile radio telephone
is used not only for signing the message but, in addition, as the sender for transmitting the signed
message to the receiver.

The invention also relates to means for practising the aforementioned processes, particularly
mobile radio telephones and chipcards.

In a further preferred embodiment of the invention there is provided a mobile radio telephone
which comprises a key pad, display means, and chipcard means for reading and/or writing of a
chipcard adapted to be inserted into the mobile radio telephone, wherein there are provided, in
addition, signing means which are suitable, for example, for communicating with a chipcard according
to the invention and/or for generating a signed message from a message to be signed. The signing
means are advantageously connected with the key pad for inputting a secret key or a PIN.

In a particularly advantageous embodiment of the aforementioned mobile radio telephone, it is
provided that the signing means represent a software component at variance with the conventional
software component of a mobile radio telephone. In a preferred embodiment of the invention, this
modified software component is suitable for carrying out the signing of the message after dialog with
the user. In a further embodiment the modified software component, which is provided according to
the invention, is advantageously capable of communicating with the chipcard according to the
invention for carrying out the signing according to the invention. It is provided in a particularly
advantageous embodiment of the invention that the signing means of the signing unit can work with
additional algorithms which facilitate the display of the message to be signed on the display field of the
mobile radio telephone.

Thus, the present invention in particularly advantageous fashion makes available a system in
which only the software components have to be modified relative to the conventionally employed
software components. No modification of the hardware is required.

In a further embodiment of the invention, the invention also relates to the chipcard for mobile
radio telephones, particularly for the aforementioned mobile radio telephones, wherein the chipcard
comprises signing means capable of storing the secret key of the user. Advantageously, the signing
means of the chip card are additionally capable of generating a signed message from a message
received by the mobile radio telephone, i.e., from a message to be signed. In the context of the
present invention, the signing means of a chipcard according to the invention are understood as
means which store the secret key of the user and, in an advantageous embodiment, also carry out the
signing. The signing need not be carried out directly on the chip card but can be effected by a
software component and/or hardware component in the mobile radio telephone.

Other advantageous embodiments of the invention will become obvious from the dependent 
claims. 

The invention will be explained in detail with reference to the figures and the associated
exemplary embodiment.
The figures show:

Figure 1, the operational sequence of the process according to the invention;
Figure 2, the schematic structure of a mobile radio telephone according to the invention; and
Figure 3, a schematic representation of a chip card according to the invention.

Figure 1 shows the transmitter 1 which can be configured as a PC having a text editor or a
home banking program, a message 3 to be signed, a receiver 5 which is configured as a message
server, a mobile radio telephone 7, a signed message 9, and an addressee 11.

A message 3 to be signed is sent, e.g., by e-mail, to the receiver 5 with the aid of the
homebanking program incorporated in the transmitter 1. The receiver 5 converts the received
message, which is to be signed, into a message which can be sent to the mobile radio telephone 7,
particularly by means of a mobile-phone radio net, and through SMS, in an advantageous
embodiment. The receiver 5 associates the message 3 to be signed with the mobile radio telephone
7, for example by means of data stored in the receiver 5. It may also be provided that the association
is effected by means of data sent by the transmitter 1 together with the message to be signed. These
data are, in general, the phone number of the mobile radio telephone.
The received message 3 is displayed in the mobile radio telephone 7 on a display 13. The
precise operation will be explained in detail in the description pertaining to Figure 2. After displaying
the message 3 to be signed on the display 13, the message 3 to be signed is signed upon
instruction by the user and the signed message 9 is passed on to the receiver 5 or to some other
receiver. Transmission of the signed message 9 from the mobile radio telephone 7 to the receiver 5 is
likewise effected through SMS. The receiver 5 is capable of comparing the signed message 9 with the
original message 3 to be signed and transmitting it thereafter to an addressee 11. Transmission to the
addressee 11 can be carried out in any form.

Figure 2 illustrates a mobile radio telephone 7. The mobile radio telephone 7 comprises a
display 13, a transmitter/receiver 15, chipcard means 17, a key pad 19, and signing means 21.
The message 3 to be signed, which is transmitted from the receiver 5, is received by the
transmitter/receiver 15 of the mobile radio telephone 7 and, if necessary, passed on in modified form
to the signing means 21. The signing means 21 take care of the internal control of the signing
operation. The signing means 21 comprise software components for controlling the display 13 so that
the message 3 to be signed can be made visible. Furthermore, the message 3 to be signed is signed
within the signing means 21. In order to be able to carry out the signing operation, the signing means
21 must communicate with the chipcard means 17. Furthermore, it is necessary that the secret key
proper or the PIN is inputted to the signing means 21 via the key pad. If the PIN, which is usually
shorter, i.e., which has fewer digits than the secret key, is inputted by the user via the key pad 19, the
PIN can - so to speak - activate the unwieldy secret key for the signing operation by means of the
operating system of the chipcard 25. The signing means 21 can communicate with the chipcard 25 via
a bidirectional connection line 23. The chipcard means 27 ensure that the commands of the signing
means 21 are executed and that the signed message 9 is passed on to the transmitter/receiver 15 via
the signing means 21. This means that the chipcard means 27 form an interface between the signing
means 21 and the chipcard 25.

Figure 3 shows - in very simplified, schematic form - a chipcard 25 according to the invention. It
comprises basically a contact pad 31, a memory unit 27, and a cryptography module 29. The secret
key required for generating the signed message 9 is stored in the memory unit 27. The cryptography
module 29 serves for encoding the message 3 to be signed, for example, by means of an RSA
process. The memory unit 27 or the cryptography module 29 can communicate with the chipcard 27
via the contact pad 31. Other elements required for the operation of the chipcard 25, e.g., a controller,
are not shown in Figure 3 for the sake of clarity of the representation.
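
The exchange described for Figures 1 to 3, as an added example that is not part of the patent text: a Python simulation in which the receiver keeps the original message 3, the phone signs exactly what it displayed, the chipcard signs only for the correct PIN, and the receiver checks the signed message 9 against its stored original. The RSA parameters are a constructed, insecure toy (unpadded, built from two Mersenne primes); the class names, the PIN, the phone number and the three-try limit are assumptions.

```python
import hashlib
import hmac

# Constructed toy parameters: unpadded textbook RSA over two Mersenne primes.
# Insecure; they only stand in for the card's cryptography module 29.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # secret exponent, lives on the chipcard


def digest(message: str) -> int:
    """Cryptographic check sum of the message as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message.encode()).digest(), "big")


class Chipcard:
    """Chipcard 25: the secret key is used inside sign() and never returned."""
    MAX_TRIES = 3  # assumed retry limit, not stated in the patent

    def __init__(self, secret_exponent: int, pin: str):
        self._d, self._pin, self._tries = secret_exponent, pin, self.MAX_TRIES

    def sign(self, message: str, pin: str) -> int:
        if self._tries == 0:
            raise PermissionError("card blocked")
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._tries -= 1
            raise PermissionError("wrong PIN")
        self._tries = self.MAX_TRIES
        return pow(digest(message), self._d, N)


class MobilePhone:
    """Signing unit 7: shows the received message, signs on user instruction."""
    def __init__(self, card: Chipcard):
        self.card, self.displayed = card, None

    def receive(self, message: str) -> None:
        self.displayed = message  # display 13: what the user actually sees

    def confirm(self, pin: str) -> int:
        return self.card.sign(self.displayed, pin)  # PIN goes only to the card


class Receiver:
    """Receiver 5: maps a transmitter to a phone number and a public key."""
    def __init__(self):
        self.units, self.pending = {}, {}

    def register(self, transmitter: str, phone_number: str, public_key) -> None:
        self.units[transmitter] = (phone_number, public_key)

    def accept(self, transmitter: str, message: str) -> str:
        phone_number, _ = self.units[transmitter]
        self.pending[phone_number] = (transmitter, message)  # keep original
        return phone_number  # destination for the message to be signed

    def verify(self, phone_number: str, signature: int) -> bool:
        transmitter, original = self.pending.pop(phone_number)
        e, n = self.units[transmitter][1]
        return pow(signature, e, n) == digest(original)


def run(message: str, pin: str, tamper_in_transit: bool = False) -> bool:
    """One round trip; returns True if the receiver accepts the signature."""
    phone = MobilePhone(Chipcard(D, pin="4711"))  # constructed PIN
    server = Receiver()
    server.register("pc-1", "+490000000000", (E, N))  # constructed number
    number = server.accept("pc-1", message)
    sms = message.replace("100", "900") if tamper_in_transit else message
    phone.receive(sms)
    return server.verify(number, phone.confirm(pin))


if __name__ == "__main__":
    order = "Transfer 100 EUR to account 12345"  # constructed sample message
    print(run(order, "4711"), run(order, "4711", tamper_in_transit=True))
```

Because the receiver verifies against the message it stored rather than anything echoed back by the phone, a message altered on the way to the signing unit yields a signature that fails the comparison.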
Claims

1. A process for the digital signing of a message by means of a signing unit, with the
message to be transmitted to a receiver, characterised in that the message (3) to be signed is
transmitted from a transmitter (1) to a receiver (5), this message is thereafter transmitted from the
receiver (5) via a telephone network to a signing unit associated with the transmitter (1), this message
is then signed in the signing unit and retransmitted, as signed message (9), to the receiver (5).

2. The process according to claim 1, wherein the signing unit is a mobile radio telephone (7).

3. The process according to claim 2, wherein the telephone network is a mobile radio
telephone network.

4. The process according to any one of the preceding claims, wherein a public-key process
is used for signing, particularly a public-key process in which the transmitter (1) has an associated
secret key and the receiver (5) has a corresponding public key matching the secret key.

5. The process according to any one of the preceding claims, wherein the messages are
transmitted between the receiver (5) and the mobile radio telephone (7) by means of the
short-message service (SMS).

6. The process according to any one of the preceding claims, wherein, prior to signing, the
message (3) is displayed by means of a display (13) provided in the mobile radio telephone (7).

7. The process according to any one of the preceding claims, wherein the secret key
required for signing is inputted via keyboard means of the mobile radio telephone (7).

8. The process according to any one of the preceding claims, wherein the secret key
required for signing is stored on a chipcard of the mobile radio telephone (7) and this key is activated
by means of a PIN adapted to be inputted via keyboard means of the mobile radio telephone (7).

9. The process according to any one of the preceding claims, wherein the chipcard carries
out the generation of the signed message (9).

10. The process according to any one of the preceding claims, wherein the mobile radio
telephone (7) generates the signed message (9) and wherein the secret key is read from the chipcard
(25).

11. The process according to any one of the preceding claims, wherein the mobile radio
telephone (7) serves, in addition, as the sender for transmitting the signed message (9) to the receiver
(5).

12. A chipcard for a mobile radio telephone, wherein the chipcard (25) comprises signing
means (21) which include a memory unit (27) for storing the secret key required for generating the
signed message (9), characterised in that the signing means (21) generate a signed message (9) from
a message (3) which is received by the mobile radio telephone (7) via the telephone network and is to
be signed.
15. The chipcard according to claim 14, characterised in that the chipcard (25) comprises
signing means (21) which generate a signed message (9) from a message which is received by the
mobile radio telephone and is to be signed.
ABSTRACT OF THE DISCLOSURE

The invention relates to a method and to the necessary means for digital signing of a 
message. 



